Keeping emails hidden is an increasing concern with all the spam floating around. Here is a way using MySQL and a contact form to allow a group of users on a site to contact each other safely...
Bastien
CREATE TABLE `contacts` (
`id` int(10) NOT NULL auto_increment,
`first_name` varchar(30) NOT NULL default '',
`last_name` varchar(50) NOT NULL default '',
`email` varchar(75) default NULL,
`contact_status` tinyint(1) NOT NULL default '0',
PRIMARY KEY (`id`)
) TYPE=MyISAM AUTO_INCREMENT=2 ;
select the email address' from your db
<?php
if (isset($_POST['submit']))
{
//submit button pushed call the send_email function
send_email();
}else{
//nothing has been pushed so show the form
show_form();
}//end if
/**************************************************************************
send_mail function
**************************************************************************/
function send_email()
{
//default values for elements
$subject = '';
$id = '';
$message = '';
$your_name = '';
$your_email = '';
$err_msg = '';
$headers = '';
//get the values from the form handle any errors
if(isset($_POST['subject']))
{
$subject = $_POST['subject'];
}
if(isset($_POST['email']))
{
$id = $_POST['email'];
}
if(isset($_POST['message']))
{
$message = $_POST['message'];
}
if(isset($_POST['your_name']))
{
$your_name = $_POST['your_name'];
}
if(isset($_POST['your_email']))
{
$your_email = $_POST['your_email'];
}
if ($id == "" )
{
$err_msg = "No person chosen.";
}
//sender's email
if(!eregi("^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$", $your_email))
{
$err_msg .= "Your email is not valid. Please re-enter it<br />";
$your_email = '';
}
//check to see if the other elements have values
if(empty($message))
{
$err_msg .= "No message set. Please enter a message.<br />";
}
if(empty($subject))
{
$err_msg .= "No subject set. Please enter a subject.<br />";
}
if(empty($your_name))
{
$err_msg .= "No sender name set. Please enter a your name.<br />";
}
//check the err_msg to see if there are any messages
if ($err_msg != ''){
//there is an error so build the data into a pipe delimited string and pass it back to the form
$data = "$id|$subject|$message|$your_email|$your_name";
show_form($data,$err_msg);
die();
}//end if
//get the email from the db and send it
$sql = "select email from contacts where id = $id";
/**************************************************************************
show_form function
**************************************************************************/
function show_form($data='',$msg='')
{
//show the form for the email
//the $data='' and $msg='' constructs allow for no information to be passed to the function
//set defaults for function
$subject = '';
$email = '';
$message = '';
$your_name = '';
$your_email = '';
//explode the string passed back from the send_mail function if there is an error
if (($data !="" )&&($msg != ""))
{
$elements = explode("|",$data);
$email = $elements[0];
$subject = $elements[1];
$message = $elements[2];
$your_email = $elements[3];
$your_name = $elements[4];
}//end if
/*
optional where clauses could include:
1. only active users
2. check to see if the user wants to allow contact from others on the site
3. only new users (signed up within a certain date)
*/
$sql = "SELECT * FROM contacts";//[optional where clause to show only people who choose to allow contact]
//produce the email drop down
if (mysql_num_rows($result)>0){
//produce the drop down list
echo "<tr><td width='50%' align='right'>Name: </td><td><select name='email'>\n"; //optionally add MULTIPLE to allow sending to multiple addresses
echo "<option value=''>Choose One</option>\n";
while ($rows = mysql_fetch_array($result)){
echo "<option value='".$rows['id']."'>".$rows['first_name'].' '.$rows['last_name']."</option>\n";
}//end while
echo "</select></td></tr>";
}else{
//if there is a problem, have the user manually enter the email address
echo "<tr><td colspan='2' align='center' style='color:red; font-weight:bold;'><br />Currently unable to locate email addresses. There maybe a problem with the database.</td></tr>";
echo "<tr><td colspan='2'> </td></tr>";
echo "<tr><td colspan='2' align='center' style='color:red; font-weight:bold;'>Please enter the email address manually</td></tr>\n";
echo "<tr><td width='40%' align='right'>Email Address: </td><td><input type='text' name='email' size='50' value='$email'></td></tr>\n";
}//end if
}//end function
/*************************************************************************
db connection function
*************************************************************************/
function conn($sql)
{
$host = "localhost";
$user = "user";
$pass = "pass";
$db = "my_db";
//echo "commnecing connection to local db<br>";
if (!($conn=mysql_connect($host, $user, $pass))) {
printf("error connecting to DB by user = $user and pwd=$pass");
exit;
}
$db3=mysql_select_db($db,$conn) or die("Unable to connect to local database");
$result = mysql_query($sql) or die ("Can't run query because ". mysql_error());
Jose Santos wrote :1279
Ok! Is a way to solve these problem !!
Because for internet users, when least information, is more best !!! because the hackers ... !!
Other way to information is secute http (https), most used on logon precess, but used in other pages with private information
